No emotions here, just a practical realization of what goes on out there (or doesn't).
Here is an example In the last few days a friend of mine (who uses a PHP based framework which shall remain nameless) has had a bunch of directories/files and .htaccess injected into his hosted apps. The commercial provider of the php framework is blaming the hosting providers php setup and the hosting provider is blaming the php framework provider, and he is stuck in the middle. With app engines model this is just not possible, unless his userid/ credentials are provided/hacked. So no I do not believe this is a witch hunt at all. I have been working with web technlogies since the mid 90's and honestly so many people get it wrong in terms of security. >From my personal experience googles approach is right on the mark. Rgds T On Mar 28, 4:58 pm, Baz <[email protected]> wrote: > While I have no need for this since I use and love SCM's, none of you > have made any reasonable point on why it should not be allowed. In > many other environments you can ftp code up and down, or basically get > the code the same way you put it up. No-one said the code should be > available for anyone in the world to download (Wesly), it would only > be accessible using the same credentials that you used to upload it. > And no-one advocated making it the standard way of working, but > perhaps there are exceptional situations where this would make sense. > Then again, who are any of you to tell someone how to work? Again, I > don't care either way, but this feels like a witch hunt based on > irrational emotions. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
